A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.04 LTS (Focal Fossa) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with:
   'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'.

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 * cloud-init: 21.3-1-g6803368d-0ubuntu1~20.04.3 => 21.3-1-g6803368d-0ubuntu1~20.04.4 
 * distro-info-data: 0.43ubuntu1.6 => 0.43ubuntu1.9 
 * pam: 1.3.1-5ubuntu4.2 => 1.3.1-5ubuntu4.3 
 * squashfs-tools: 1:4.4-1ubuntu0.2 => 1:4.4-1ubuntu0.3 
 * tzdata: 2021a-0ubuntu0.20.04 => 2021a-2ubuntu0.20.04 


The following is a complete changelog for this image.
new: {}
removed: {}
changed: ['cloud-init', 'distro-info-data', 'libpam-modules-bin', 'libpam-modules:amd64', 'libpam-runtime', 'libpam0g:amd64', 'squashfs-tools', 'tzdata']
new snaps: {}
removed snaps: {}
changed snaps: ['core20', 'snapd']
==== cloud-init: 21.3-1-g6803368d-0ubuntu1~20.04.3 => 21.3-1-g6803368d-0ubuntu1~20.04.4 ====
====     cloud-init
  * cherry-pick 9c147e83: Allow disabling of network activation (SC-307)
    (#1048) (LP: #1938299)
==== distro-info-data: 0.43ubuntu1.6 => 0.43ubuntu1.9 ====
====     distro-info-data
  * Add Ubuntu 22.04, Jammy Jellyfish (LP: #1947368).
  * Update ubuntu.csv contents to what we had in hirsute+.
  * Update ubuntu.csv for trusty and xenial ESM extended dates
    (LP: #1946137).
==== pam: 1.3.1-5ubuntu4.2 => 1.3.1-5ubuntu4.3 ====
====     libpam-modules-bin libpam-modules:amd64 libpam-runtime libpam0g:amd64
  * Correctly document current VCS in debian/control.
  * Drop patches to implement "nullok_secure" option for pam_unix.
    Closes: #674857, #936071, LP: #1860826.
  * debian/patches-applied/nullok_secure-compat.patch: Support
    nullok_secure as a deprecated alias for nullok.
  * debian/pam-configs/unix: use nullok, not nullok_secure.
  * extrausers.patch: update for compatibility with the removal of
    nullok_secure.
==== squashfs-tools: 1:4.4-1ubuntu0.2 => 1:4.4-1ubuntu0.3 ====
====     squashfs-tools
  * SECURITY UPDATE: Properly handle directory sorting in 2.x filesystems
    - debian/patches/0007-CVE-2021-41072-4.patch: Fix to check filesystem
      version and sort accordingly when needed
    - CVE-2021-41072
==== tzdata: 2021a-0ubuntu0.20.04 => 2021a-2ubuntu0.20.04 ====
====     tzdata
  * Merge from Debian unstable (LP: #1945527). Remaining changes:
    - Ship ICU timezone data files which are utilized by php and update them
      to 2021a1.
  * Set urgency to critical as the Samoa DST change is already effective.
  * Update Provides to tzdata-bookworm.
  * debian/control: remove Adam Conrad from Uploaders. RIP.  Closes: #986954.
  * Cherry-pick patches from tadata-2021b until the upstream situation gets
    less confused:
    - 01-no-leap-second-2021-12-31.patch: No leap second on 2021-12-31 as per
      IERS Bulletin C 62.
    - 02-samoa-dst.patch: Samoa no longer observes DST.
    - 03-jordan-dst.patch: Jordan now starts DST on February's last Thursday.

--
[1] http://cloud-images.ubuntu.com/releases/focal/release-20211015/
[2] http://cloud-images.ubuntu.com/releases/focal/release-20211004/